Overview

overview

8

Static

static

boost-fps.exe

windows7_x64

1

boost-fps.exe

windows10-2004_x64

8

Analysis

  • max time kernel
    41s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220331-en
  • submitted
    04-04-2022 03:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    boost-fps.exe

  • Size

    1.3MB

  • MD5

    92fc1129af30ba08a79113624f51bcb7

  • SHA1

    b68388c46a78d262fcdedbaea09372785fb6786c

  • SHA256

    121dec5bd279daf16e683e472949a269bb9751d6ceae4274875e36abe8871946

  • SHA512

    3c1b7f326e717e0ed6cc435647598ec37ce0c2b90a942317f8d4b2c2ac8d3bd4f6c94ec86ad5af4ded8bf31a25485590b03549e0cd5e3509308e04e066efc12c

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 5 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 20 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\boost-fps.exe
    "C:\Users\Admin\AppData\Local\Temp\boost-fps.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:892
    • C:\Users\Admin\AppData\Local\Temp\boost-fps.exe
      "{path}"
      2⤵
        PID:1088
      • C:\Users\Admin\AppData\Local\Temp\boost-fps.exe
        "{path}"
        2⤵
          PID:1736
        • C:\Users\Admin\AppData\Local\Temp\boost-fps.exe
          "{path}"
          2⤵
            PID:1332
          • C:\Users\Admin\AppData\Local\Temp\boost-fps.exe
            "{path}"
            2⤵
              PID:940
            • C:\Users\Admin\AppData\Local\Temp\boost-fps.exe
              "{path}"
              2⤵
                PID:1732

            Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • memory/892-54-0x0000000000390000-0x00000000004EA000-memory.dmp
              Filesize

              1.4MB

              Download
            • memory/892-55-0x00000000006D0000-0x00000000006DA000-memory.dmp
              Filesize

              40KB

              Download
            • memory/892-56-0x0000000007D00000-0x0000000007DA2000-memory.dmp
              Filesize

              648KB

              Download
            • memory/892-57-0x0000000007F50000-0x0000000007FCA000-memory.dmp
              Filesize

              488KB

              Download